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Listing of the Claims: 

The listing of claims below, wherein underlining indicates additions, and 
strikethrough or double bracketing indicates deletions, will replace all prior versions and 
listings of claims in the application: 

1 . (Currently amended) A method (300) for distributing data-(25), within a 
network-£±-t), between a source consumer (SO) and a destination consumer (250) , the data 
originating from, and protected by predetermined intellectual property rights of, a third 
party (20) , the method comprising: 

specifying (302) a first access condition associated with the data, the access 
condition based on the predetermined intellectual property rights; 

based on a request requesting transfer of the data from the source consumer to the 
destination consumer, and based on a service ticket issued by an authority associated with 
the source consumer, arranging (304 ) for authentication of the destination consumer; and 

after authentication of the destination consumer, based on a second access 
condition issued by an authority associated with the source consumer, arranging (306) for 
transfer of the data, via the network in a peer-to-peer manner, from the source consumer 
to the destination consumer|"|","|"| ; and 

based on the first and second access conditions, transferring the data via the 
network in a peer-to-peer manner, from the source consumer to the destination consumer; 

use (308) of the data by the destination consumer restricted in a manner specified 
by the first and second access conditions; 

wherein the service ticket has been authenticated using a ticket granting ticket 
encrypted with a cross-realm key . 

2. (Currently amended) The method according to claim 1, wherein the first 
access condition is further based on consumer characteristics (252) associated with the 
destination consumer. 
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3. (Currently amended) The method according to claim 2, wherein the 
consumer characteristics (252) comprise one of a destination consumer domain name, or 
destination consumer device identity. 

4. (Currently amended) The method according to claim 1 , further 
comprising the step[[s]] of: 

based on the service ticket, authenticating the destination consumer^-and 
based on the first and second access conditions, transferring the data via the 
network in a peer to peer manner, from the source consumer to the destination consumer . 

5. (Original) The method according to claim 1, further comprising: 
arranging for creation of a content license by the destination consumer based on 

the first and second access conditions. 

6. (Original) The method according to claim 5, wherein the use of the data 
by the destination consumer is restricted in a manner specified in the content license. 

7. (Original) The method according to claim 1, wherein the network 
comprises the Internet. 

8. (Original) The method according to claim 7, wherein the destination 
consumer comprises a set-top box. 

9. (Currently amended) The method according to claim 1, wherein the step 
of arranging for authentication of the destination consumer comprises arranging for 
authentication of a gateway device (250) associated with the destination consumer. 

10. (Original) The method according to claim 1, further comprising: 
prior to arranging for transfer of the data, encrypting the data. 
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1 1 . (Original) The method according to claim 1 0, wherein the step of 
encrypting comprises forming ciphertext based on the data and an encryption key, 
according to a predetermined encryption routine. 

12. (Original) The method according to claim 10, further comprising: 
authenticating the data, after the data has been transferred. 

13. (Original) The method according to claim 1 , wherein the access 
condition is based on a content license from a provider of the data. 

14. (Original) The method according to claim 13, wherein the content license 
is located at the source consumer. 

15. (Currently amended) The method according to claim 1, wherein the 
service ticket had been obtained with a ticket granting server request/reply exchange 
between the destination consumer and a key distribution center associated with the source 
consumer , and auth e nticat e d using a ticket granting ticket encrypted with a cross r e alm 

16. (Original) The method according to claim 15, wherein the step of 
arranging for authentication of the destination consumer comprises establishing security 
associations between the key distribution center associated with the source consumer and 
a key distribution center associated with the destination consumer, using the shared cross- 
realm key. 

17. (Original) The method according to claim 1 , wherein the service ticket is 
obtained based on an authentication server AS request/reply exchange between the 
destination consumer and a key distribution center associated with the source consumer, 
and 
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wherein the destination consumer is authenticated with a digital authentication 
certificate associated with the destination consumer, the digital authentication certificate 
including a realm name of the destination consumer. 

18. (Original) The method according to claim 1, wherein the step of 
arranging for transfer of the data comprises arranging for one of streaming, moving and 
copying of the data. 

19. (Original) A computer-readable medium encoded with a computer 
program which, when loaded into a processor, implements the method of claim 1 . 

20. (Currently amended) A system for distributing data (25) , within a 
network (11) , between a source consumer (SO) responsive to a first key distribution center 
(213) and a destination consumer (250) responsive to a second key distribution center 
(215) , the data {24} originating from, and protected by predetermined intellectual 
property rights of, a third party-(20), the system comprising: 

a network communications interface (62/262/282) for receiving a request for 
transfer of the data (24) from the source consumer (SO) to the destination consumer 
(250) , and for transferring the data (24) from the source consumer (§0) to the destination 
consumer (250) , via the network (11) , in a pccr-to-peer manner in response to the request; 
and 

an information processing system (6'1/264/28'1) in communication with the 
network communications interface, for processing the request received by the source 
network communications interface, and, based on the request, performing a method 
comprising: 

arranging for authentication of the destination consumer based on a service 
ticket issued by the first key distribution center , wherein the service ticket has been 
authenticated using a ticket granting ticket encrypted with a cross-realm key : 

arranging for determining whether the destination consumer is authorized, in a 
manner specified by a first access condition based on the predetermined intellectual 
property rights of the third party, to receive the data from the source consumer; and 
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based on a second access condition returned by the source consumer, 
arranging for transfer, via the network communications interface, of the data from the 
source consumer to the destination consumer, 

use of the data by the destination consumer restricted in a manner specified by the 
first and second access conditions; 

wherein the information processing system comprises a processor responsive to a 
computer-readable storage medium and to a computer program, the computer program, 
when loaded into the processor, operative to perform the method . 

21 . (Currently amended) The system according to claim 20, wherein the 
network communications interface (62, 262) is associated with a gateway device (50/250) 
of one of the source consumer and the destination consumer. 

22. (Cancelled) 

23. (Original) The system according to claim 22, wherein the processor is 
associated with the gateway device. 

24. (Currently amended) The system according to claim 20, wherein the 
network communications interface (282) is associated with a server (270) accessible to 
the source consumer via the network. 

25. (Currently amended) The system according to claim 24, wherein the 
information processing system comprises a processor (24) responsive to a computer- 
readable storage medium (2-2) and to a computer program (26) , the computer program, 
when loaded into the processor, operative to perform the method. 

26. (Currently amended) The system according to claim 25, wherein the 
processor is associated with the serve r (270) . 
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